Behind the Curtains of New War: Bringing Cyber War to the Crimean Peninsula

By
gTIC
·
March 7, 2014

Gone are the days where military conflict was contained within geographical boundaries limited to the range of the physical machines of war on the battlefield. Today, aggressions have the ability to escalate beyond a level paramount to any ever seen in the history of war, which transgress both time and space.

The Russian contentions in the Crimean Peninsula of the southern Ukrainian region are no exception. While the President of Russia, Vladimir Putin, shows muscle through military exercises along the border, a much more dangerous war has already fired its first shots - the cyber bullets of discreet malware and DDoS attacks that could quickly become the most dangerous weapons of all.[1]

SOURCE: BBC.CO.UK

Current Events

Despite allegations by various news agencies, President Putin steadily denies offensive forces in Crimea. Instead, he acknowledges their presence as defense in support of the Russian speaking populous of Crimea.[2]

But why would Russia use military intervention in a sovereign state at all? Russia maintains particularly close ties to bordering lands with Russian language and culture and influences political ties in the region. In fact, it is this political influence that added to the strains in Ukraine and resulted in the recent demonstrations in Kiev.

Currently, there are as many as 16,000 Russian military personnel in Crimea. According to media outlets, no lethal shots have been fired throughout the intervention.[3] However, in today’s tech world, it is imperative to ask the question: “Are guns and tanks the only weapons that matter in conflict?”

The answer is a glaring no, especially as we dig deeper into the actions taken by hacktivists on both sides of the current Crimean crisis. The problem with the cyber domain in war is plausible deniability by the states. While it is common practice for hacktivist groups to take public claim of their successful attacks and campaigns particularly on group forums and blogs, there is no denying the advantages these attacks create for one side of a conflict versus another.

On February 28, 2014, the first notable cyberattack of the Crimean conflict with Russia occurred in an unexpected hybrid fashion. Urktelecom, a predominant communications provider in the Crimean Peninsula, confirmed that an attack on its communications centers lasted at least two full days. Cutting off critical infrastructure to enemy lines of communication is a common practice in military strategy. However, in this instance, an unidentified group of men attacked the physical communication center buildings, cutting off virtually all landline and mobile communications as well as internet access provided by Urktelecom in Crimea.[4]

Additionally, it is now believed that these centers were attacked specifically so that wireless equipment could be installed to intercept communications from Ukrainian Military Police. There is currently no direct connection between the Urktelecom situation and the Russian government - and the Russian government has made no obvious claims of support for this attack - but it would give them an upper hand in maintaining control over the disputed land.[5]

The primary point of contention in this cyber battlefield now hinges on fears that Russia may expand its capabilities beyond Crimea and begin using its better known DDoS tactics on servers of other Ukrainian critical infrastructure.

While the attack on Urktelecom still goes unclaimed, Ukrainian hacktivists have not been entirely innocent on the cyber battlefield either. One group known as “Cyber-Berkut” has claimed responsibility defacing over 40 Russian news websites with an image of a Nazi swastika over a map of Crimea. Additionally, the Russian state-funded news website Russia Today was offline for 20 minutes due to a DDoS attack.[6]

Habits of the War Hackers

While the current situation has yet to escalate to the levels of the Russo-Georgian War of 2008, there are stark similarities that can be drawn between that conflict and the current one in Ukraine, particularly on the cyber front. In the 2008 conflict, the Russian cyber weapon of choice was Denial of Service (DoS) attacks, limiting internet access for organizations (including that of media, communications, transportation and government sites) as well as blocking access to certain IP space in the areas it does control on a cyber level.[7]

Let’s not forget the 2007 month-long cyber siege in the Russian-speaking state of Estonia - which again, is former a Soviet block and borders the current state lines of Russia. Throughout April and May of that year - coinciding with the Russian national holiday, Victory Day - DDoS attacks nearly crippled the small state, which ran the majority of its government transactions online.[8] The attacks have been identified as having come from Russia, but the Russian government has not taken claim of them just as it denied any relationship to the cyberattacks in Georgia and Ukraine.

Ukraine in a Post-Soviet World: The Big Question

In situations similar to what’s currently unfolding in the Crimean Peninsula, we must geo-locate the events in relation to their recent histories. Over the last 25 years, since the collapse of the former Soviet Union, Russia has continued attempts to either retain or regain what’s left of its hold on lands of the former block.

While Russia does not hold the same dual super power status it did prior to the collapse of the USSR, the continual effort to hold onto its current influence in bordering regions demonstrates it is not willing to let go of any more power. The South Ossetia War of 2008 between Georgia and Russia and the alleged 2007 cyberattacks on Estonia are prime examples of the grip Russia attempts to maintain among its bordering former lands.

Russia’s quick response to enter Crimea with both military force and cyber power suggests that it is still struggling to maintain this grip of influence on post-Soviet regions. Previously, either by United Nations decree or NATO, international forces have threatened to become involved in order to maintain state sovereignty. This leads one to wonder what the next move will be from either Russia or the international community. Ukraine has already announced that by moving troops into Crimea, Russia has declared war. The international community is expected to make a decision later this week on how to respond to Russian intervention in Ukraine.

Conclusion

Although the Russian government has made no public suggestions or claims to cyber activities over the last two decades that just so happened to take place against its adversaries from hackers within the state, the attacks have proved beneficial to the ground campaigns they have organized or prepared for.

Pro-Russian hacktivists - whether state sponsored or not - have continued to grow in the sophistication of their seemingly coordinated attacks. As the situation in Crimea continues to heat up, we can certainly expect to see a rise in cyber activity against both Ukraine and its allies, particularly when it comes to DDoS campaigns against servers that might affect Ukraine’s ability to defend against Russian ground troops.

One thing that post-Soviet Russia has shown is that war will never again be the same, nor will future international conflict exist without the assistance or hindrance of cyber activity.